CVE-2026-8131 SourceCodester SUP Online Shopping replymsg.php sql injection

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

CVE-2026-36946

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/viewdetails.php...

CVE-2025-13450

CVE-2025-13450 affects SourceCodester Online Shop Project 1.0. A vulnerability in the file /shop/register.php, via manipulation of the f_name argument, enables cross-site scripting. The flaw can be triggered remotely, and the exploit has been publicly disclosed. Several feeds (NVD, Red Hat, CVE l...

CVE-2025-2651 SourceCodester Online Eyewear Shop admin exposure of information through directory listing

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /oews/admin/. The manipulation leads to exposure of information through directory listing. It is possible to launch the attack remotely. The explo...

CVE-2024-9952

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=systeminfo/contactinfo of the component Contact Information Page. The manipulation of the argument Address leads to cross site...